updated 12:30 am EST, Thu February 23, 2012
Sim card 'confusion' access phone, contacts
A flaw demonstrated in a YouTube video (seen below) demonstrates a difficult-to-access but reproducible bug in iOS 5.0.1 that can allow unauthorized users to bypass a lock screen on GSM-based iPhones and access recent contacts, make calls or even use FaceTime, iPhoneIslam reports. The hack revolves around trying to return a missed call while the sim card is taken out and re-inserted repeatedly (or in an area with no network coverage).
After multiple tries at returning a missed call without network coverage or the SIM, the iPhone will unlock itself to the phone application (and the SIM can be re-inserted or the phone taken to a location with network coverage). Once in the phone app, users can make phone calls, call anyone on the contact list, and make FaceTime calls. It's not known if the bug can be reproduced on non-GSM iPhones.
A similar bug was discovered in iOS 4, and the effect of the hack is reminiscent of the "smart cover" bug that bypassed iPad lock screens. Another bug in iOS 5 makes it possible for unauthorized users to access the camera roll, but again was difficult to access as it required the authorized user to deliberately reset the clock in the iPhone back in time, thus making photos that were taken "in the future" accessible via the lock screen's camera button.
Because of the difficulty in making the 'phone confusion' trick work in the first place, coupled with the unlikely circumstances of allowing others to have the time and knowledge to reproduce the hack, the problem can't be seen as a significant security threat, even if an iPhone is stolen. Users can remotely wipe a stolen iPhone if someone attempts to use it.
As the bug has been recently discovered, it's not known if Apple was already aware of it or if it is planning to fix the admittedly-rare issue in iOS 5.1, which is currently undergoing developer testing. [via iPhoneIslam]